The software company targeted by a holiday weekend ransomware attack said between 800 and 1,500 small businesses managed by its customers were compromised.
Still, Kaseya says the cyberattack it experienced over the July 4th holiday weekend was never a threat and had no impact on critical infrastructure.
The Dublin-based company said Tuesday that it was alerted on July 2 to a potential attack by internal and external sources. It immediately shut down access to the software in question. The incident impacted about 50 Kaseya customers.
Many of Kaseya’s customers are managed service providers, using Kaseya’s technology to manage IT infrastructure for local and small businesses with less than 30 employees, such as dentists’ offices, small accounting offices and local restaurants. Of the approximately 800,000 to 1,000,000 local and small businesses that are managed by Kaseya’s customers, only about 800 to 1,500 have been compromised.
The hacked Kaseya tool, VSA, remotely maintains customer networks, automating security and other software updates. President Joe Biden said Saturday that he ordered a “deep dive” by U.S. intelligence into the attack and that the U.S. would respond if it determines the Kremlin is involved.
The company said that it’s working with various government agencies, including the FBI, CISA, Department of Homeland Security and the White House, as well as with computer incident response company FireEye Mandiant IR on the incident.